Getting Ready to Meet CMMC Requirements

The Cybersecurity Maturity Model Certification (CMMC), based on NIST 800-171 and other global standards, is the new unified cybersecurity standard the DoD will use moving forward to verify that all of its contractors have the appropriate level of cybersecurity practices and processes in place to protect controlled unclassified information (CUI) and federal contract information (FCI) on their networks.

Companies that contract with the DoD will start to see CMMC requirements as part of RFIs as early as the end of 2020. Covered entities will need to pass a third-party assessment and receive certification prior to contract award. Further, the CMMC is expected to create ripple effects across industries and be adopted by other governmental agencies and private sector organizations.

Join this conversation featuring Josh Bobbitt, Founder and CEO of Fortified Logic, and Matt Monroe, Operations Manager at Omnistruct, on how the CMMC may impact your industry and organization, your internal cybersecurity processes, and third-party due diligence processes. Understand key steps your organization can take in the immediate term to become CMMC ready and demonstrate your compliance posture.
Recorded Dec 10 2020 57 mins
Presented by
Matthew Monroe, Operations Manager & CISSP | Omnistruct & Joshua Bobbitt, CEO | FortifiedLogic
  • Security Certifications: How to Achieve and Maintain Them Efficiently May 27 2021 6:00 pm UTC 60 mins
    Matt Lehto, Chief Growth Officer at Hyperproof
    Security certifications such as ISO 27001 and SOC 2 are becoming table stakes for passing vendor assessments when looking to sell to new companies and renew existing contracts. As security demands continue to become more stringent, information security teams are having to do more with the same or even reduced resources.
    In this webinar, Matt Lehto, Chief Growth Officer at Hyperproof, will discuss how security teams are tackling this problem and outline some strategies they can use to make it easier to manage increasing workload and ways to create efficiencies when pursuing multiple security certifications. He will also show you how to efficiently manage security certification projects in Hyperproof’s compliance operations software solution.
  • Compete and win with ComOps and a Hyperproof Partnership! May 25 2021 5:00 pm UTC 45 mins
    Lynn Harrington, VP of Partnerships at Hyperproof
    As an MSSP, you’re in the business of helping clients protect their business and customer data. With cyberattacks and privacy regulations on the increase, now is the time to optimize your business. With Hyperproof’s Compliance Operations platform, you can stand up IT compliance programs faster and manage them more effectively across customers -- improving your service delivery and profit margin as a result. Come learn more about Hyperproof and our Partner Program.
  • How to Lead & Build an Innovative Security Organization From Security Leaders May 20 2021 6:00 pm UTC 60 mins
    Warner Moore, vCISO, Gamma Force | Ed Glover, vCISO, Cloud Security Labs | Casey Allen, Infosec Manager, Philips
    CISOs and their teams are hard at work protecting and helping their organizations meet ever-growing IT compliance requirements. What makes their jobs harder is those outside of the security and compliance teams often have little understanding and appreciation of the value of the security work. Security and compliance teams are often perceived as the department that says “no,” and CFOs and CEOs have a hard time understanding why security teams need more resources to do their job.

    In this session, a panel of security and revenue leaders will share their experience with how security organizations can approach assurance work in a way that enables the business strategy and improves operational efficiency. They’ll also share their hard-earned experience on how to communicate the value of security assurance work in a language senior business executives understand.
  • Compliance Operations Methodology - Have You Heard Of It? Recorded: Apr 28 2021 53 mins
    Matt Lehto, Chief Growth Officer at Hyperproof
    Join us on this webinar to learn about the Compliance Operations methodology, a methodology that helps companies manage their IT risks in a more rigorous way while getting day-to-day audit and compliance tasks done in the most efficient way possible. This methodology can be used by organizations of any size, any compliance maturity level, and in any industry. We’ll also show you how to implement this methodology in Hyperproof’s compliance operations software platform, starting with setting up an organized system for collecting and managing evidence.
  • You’ve done SOC 2, What's Next? Recorded: Apr 22 2021 57 mins
    Charlie Wood, EVP at Bonadio & Aidan Collins, Head of Enterprise Business at Hyperproof
    Even though you may have gotten your SOC 2 report because your customers asked you to, compliance work, when approached the right way, can be an enabler of the business. For example, you can leverage your SOC 2 work to get a headstart on becoming compliant with a variety of security and privacy compliance standards and regulations your company will need to compete in new markets. Compliance effort also serves as a forcing function for improving your security posture.

    On this webinar, we’ll show you how to use SOC 2 as a starting point to build out a strategic security compliance roadmap aligned to your business goals. We’ll also discuss what you can do to scale up your compliance program efficiently as your organization grows. Key topics covered include:
    - Trends in SOC 2
    - Using SOC 2 to get a headstart on meeting additional regulations & compliance standards such as SOX and ISO 27001
    - Challenges you may encounter when scaling up security compliance programs
    - How you can take an agile approach to compliance work and avoid duplicative, admin tasks
  • Introduction to the Compliance Operations Methodology Recorded: Mar 18 2021 52 mins
    Craig Unger, CEO of Hyperproof
    At this time, there’s an increasing number of information security regulations and standards companies must conform to in order to do business with their target customers. What’s more, these information security standards (e.g., SOC 2, CSA STAR, CMMC, ISO 27001, NIST 800-53) are getting updated more frequently than in the past. Under these conditions, taking an ad-hoc approach to security assurance doesn’t cut it anymore. Companies that want to keep up with multiple standards and contain the costs of compliance need an organized approach and a tech stack that supports efficient and ongoing compliance operations.

    Join us on this webinar to learn about the Compliance Operations methodology, a methodology that helps companies manage their IT risks in a more rigorous way while getting day-to-day audit and compliance tasks done in the most efficient way possible. This methodology can be used by organizations of any size, any compliance maturity level, and in any industry. We’ll also show you how to implement this methodology in Hyperproof’s compliance operations software platform, starting with setting up an organized system for collecting and managing evidence.
  • Taking a Disciplined and Rigorous Approach to Managing IT Risks Recorded: Feb 18 2021 62 mins
    Matt Kelly, CEO | Radical Compliance & Aidan Collins, Head of Enterprise Business | Hyperproof
    Organizations today are operating in a “risk-volatile” business landscape. Technology adoption is accelerating and so is the reliance on third parties. COVID-19 disrupted the operating models of organizations like no other; the shift to mass remote work exacerbated security, data privacy, and compliance risks. Risk failures can be quite expensive, ranging from compliance penalties to operational disruption to the loss of key stakeholder support.

    Organizations that don’t take a rigorous approach to IT risk management will struggle to maintain their desired risk profile and miss critical issues -- even as they spend more money and time on cybersecurity and security assurance. In this webinar, we’ll discuss why a shift to a more disciplined risk management approach is necessary, and how to make that shift from a practical standpoint. Key topics covered include:

    - Characteristics of today’s IT risk landscape and why taking a risk-first approach is more important than ever before
    - Compliance Operations methodology -- a new methodology to manage IT risks in a consistent, disciplined approach
    - How to take an incremental approach to standardize and automate key security assurance tasks
  • Results Are In! - 2021 IT Compliance Benchmark Findings Revealed Recorded: Feb 3 2021 59 mins
    Jingcong Zhao, Director of Content Marketing | Hyperproof & Matt Lehto, Chief Growth Officer | Hyperproof
    In December 2020, Hyperproof surveyed 1,029 cybersecurity, security assurance/compliance and IT decision-makers within the technology industry. The survey examines IT security and compliance decision-makers’ attitudes towards the current cyber risk landscape, and companies’ budget, staffing, and technology purchase plans in 2021 to manage IT risks and fulfill compliance obligations. It asked respondents to share details about their organizations’ day-to-day practices in the realms of compliance operations, vendor risk management and IT risk management.

    If you’re an information security or GRC professional, this is the webinar you don’t want to miss. Sign up to hear the key findings from this comprehensive survey. What we’ll discuss:
    - Top survey findings and key differences between various segments (e.g. company size and location)
    - Leading practices for ensuring security and IT compliance today
    - What leading organizations -- those who are better at achieving organizational objectives and avoiding security lapses and compliance violations than the average organization -- do differently than the rest of the pack.

    When you register, you’ll also receive a copy of the 2021 IT Compliance Benchmark Report, which will be released on January 26.
  • Top Considerations When Auditing Cloud Computing Systems Recorded: Nov 19 2020 62 mins
    Jacques Nack, CEO | JNN Group & John Gukian, CISSP and Senior Security Engineer | IBM
    Cloud computing represents a drastic departure from legacy IT in virtually every respect. The new technology architecture, the nature of how cloud is provisioned, and the shared responsibility model means that IT audit must be significantly altered to provide assurance to stakeholders that their cloud adoption is secure.

    If you are a CISO, security and compliance manager, internal auditor or external auditor, and you want to skillfully address the specific concerns that arise from the use of cloud services, this is a webinar you wouldn’t want to miss.

    Jacques Nack, CEO of JNN Group, and John Gukian, CISSP and Senior Security Engineer at a leading tech company, are two cybersecurity experts who contributed to the development of the CCAK, a new cloud auditing credential from the Cloud Security Alliance. During this virtual conversation, Nack and Guckian will share their perspectives on auditing cloud IT environments and how earning the new credential -- CCAK -- can help cloud auditing professionals be more effective in their work.

    Topics covered include:
    - The key differences between auditing a cloud environment vs. a legacy IT environment
    - The unique risks and requirements of compliance in the cloud
    - Roles and responsibilities you need to have within your company to address cloud security
    - Data security and data privacy compliance issues you need to be prepared for when expanding outside the U.S.
    - How earning the CCAK can help cloud security professionals become more effective
  • How to Avoid Control Deficiencies That Can Negatively Impact Audit Results Recorded: Nov 6 2020 41 mins
    Petrina Youhan, Director of Channel Partnerships, Hyperproof
    Maintaining effective controls at all times should be the goal of every compliance team. When controls and other compliance safeguards fail, they can wreak havoc on an organization. Not only can control deficiencies negatively impact your audit results, they can lead to costly data breaches, business disruptions, damage to your reputation and revenue loss. Fortunately, many control failures are entirely avoidable if an organization has the right mitigation processes in place. Watch this webinar to learn how to avoid these control deficiencies and get the best audit results from them.
  • How to Use NIST SP 800-53 to Protect Your Information Systems and Resist Attacks Recorded: Nov 6 2020 58 mins
    Kenneth Cooper, CTO, Datapoint Solutions Consulting, and Jingcong Zhao, Director of Content Marketing, Hyperproof
    In this webinar, we will discuss why IT risk management frameworks like NIST SP 800-53 are particularly relevant now, key security control families within NIST SP 800-53 that need to be operational to ensure secure remote work, what's new in the latest version of NIST SP 800-53, and ways to save time and avoid duplicative effort when adhering to multiple IT compliance standards.
  • Beyond COVID-19: How to Build a Strong Risk and Compliance Management Section Recorded: Nov 6 2020 62 mins
    Craig Unger, CEO and Founder, Hyperproof and Matt Kelly, CEO and Editor-in-Chief, Radical Compliance
    In the past year, organizations’ business continuity plans, security plans, crisis management plans and customer acquisition plans were all put to the test. COVID-19 has not only introduced new risks to organizations; it has amplified and complicated existing risks organizations always faced. Further, the virus has spurred an economic recession that’s unprecedented in scale.

    Matt Kelly (CEO and editor of Radical Compliance) and Craig Unger (founder and CEO of Hyperproof) have a lively discussion featuring topics including:

    - How the risk landscape has shifted since the emergence of COVID-19
    - Key capabilities organizations will need to develop to effectively mitigate these risks
    - Key roles and opportunity areas for compliance professionals
    - How to make the business case to secure budget and resources for compliance
    - Metrics that risk leaders need to track to ensure successful risk management efforts
  • CMMC Demystified: What Defense and Aerospace Suppliers Need to Know Recorded: Nov 6 2020 64 mins
    Jerry Leishman, VP & National Director, CORTAC Group, and Jingcong Zhao, Director of Content Marketing, Hyperproof
    The Cybersecurity Maturity Model Certification (CMMC), based on NIST 800-171 and other global standards, is the unified cybersecurity standard the DoD will use moving forward to verify that all of its contractors have the appropriate level of cybersecurity practices and processes in place to protect controlled unclassified information (CUI) and federal contract information (FCI) on their networks.

    Companies that contract with the DoD will start to see CMMC requirements as part of RFIs as early as Fall of 2020. Covered entities will need to pass a third-party assessment and receive certification prior to contract award. Further, the CMMC is expected to create ripple effects across industries and be adopted by governmental agencies and private sector organizations. Watch this webinar to learn all about the CMMC and how to prepare for its requirements.
  • Privacy Considerations For Bringing Employees Back Into Physical Workplaces Recorded: Nov 6 2020 47 mins
    Julie Ashworth Glover, Founder and Principal, 6 Degrees Privacy Consulting, LLC, and Craig Unger, CEO and Founder, Hyperproof
    As private employers and federal, state and local governments begin to assess business re-opening measures in the wake of the COVID-19 pandemic, employers are re-evaluating how to safely transition employees back to the physical workplace. There’s a host of regulations employers must abide in the areas of health, safety, wage and hour issues, discrimination and harassment. In addition, employers need to be mindful of privacy regulations such as CCPA, U.S. state biometric laws and GDPR as they straddle the line between protecting employees’ health and maintaining the privacy rights of employees.

    In this virtual fire-side, Julie Ashworth Glover, JD, CIPP-US, CIPM, Founder and Principal of 6 Degrees Privacy Consulting, LLC, and Craig Unger, CEO and Founder of Hyperproof, will discuss the key privacy considerations employers must keep in mind as they develop plans to transition employees back to work in the physical workplace.
  • Growth and Compliance Recorded: Nov 6 2020 60 mins
    Matt Lehto, Chief Growth Officer, Hyperproof, and Alex Vorobiev, Head of Product, Hyperproof
    Compliance and top-line growth are mutually dependent. In this webinar, we will outline practical steps to start your compliance journey, discuss the state of compliance technology, and run a brief demonstration of Hyperproof.
  • Are Your Cybersecurity & Compliance Measures Remote-Work Ready? Recorded: Nov 6 2020 59 mins
    Hyperproof and Rubica
    In this webinar, our speakers will address the key security risks associated with remote work and BYOD environments, new security gaps organizations may now have, and how your organization can stay secure in the new environment without having to do more work.
  • Can Your Compliance Program Keep Up With Emerging Risks and New Threat Vectors? Recorded: Nov 6 2020 56 mins
    Petrina Youhan, Director of Channel Partnerships, Hyperproof, and Peter vR Sternkopf, CEO, Vigilant Systems
    Great, you’ve got a compliance program in place! But it’s time-consuming to manage and it’s not exactly where you’d like it to be. With so many moving parts, it’s tough to understand where gaps exist within your control environment, and how well protected your organization is from risks that matter.

    When the risk landscape changes this quickly, organizations aren’t willing to hire additional staff to focus on compliance due to tight budgets, and the burden of compliance gets heavier each year due to customer demands and new regulations, organizations are forced to take a hard look at their approach to risk management and compliance.

    Watch this webinar with Petrina Youhan, CPA, CISSP and Peter vR Sternkopf, PMP, CEPA to hear how you can approach risk management and compliance differently, in a way that cuts down your compliance workload and improves the security posture of your organization. What’s covered:

    - Why managing ongoing compliance is important.

    - Approaching compliance strategically without adding more work.

    - Key benefits and considerations for implementing this approach to compliance, including greater oversight over risks and controls, greater agility, lighter workload, and a stronger security posture.
  • Key Finding Webinar: 2020 IT Benchmark Report Recorded: Nov 6 2020 62 mins
    Matt Lehto, Chief Growth Officer, Hyperproof, and Jingcong Zhao, Director of Content Marketing, Hyperproof
    In November of 2019, Hyperproof surveyed 526 U.S.-based professionals who make decisions on matters of data privacy, IT security, and compliance for their organizations to understand their top-of-mind concerns, current practices regarding IT security, data privacy and compliance, and their priorities for 2020. We found that many leaders have acknowledged how challenging it is to keep up with regulatory changes and maintain security and compliance programs that provide adequate cover. In fact, 62 percent of all respondents said their organization is planning to increase spending on compliance in the next 12 to 24 months.

    Watch this webinar to learn more about what compliance professionals said and how you can use this information in your work.
  • How to Use a Risk Management Framework to Elevate Your Cybersecurity Program Recorded: Oct 28 2020 63 mins
    M. James Gomez, CISO | CyberSec Consulting & Jingcong Zhao, Director of Content Marketing | Hyperproof
    According to Forrester, enterprises are predicted to spend $12.6 billion on cloud security tools by 2023, up from $5.6B in 2018. Yet, companies continue to experience sizable data breaches, with over 2000 confirmed cases of data breaches in 2019. As data breaches have become common, B2B buyers have become highly attuned to vendor risk. As such, security certs like SOC 2 and ISO 27001 reports have become common procurement gates.

    Without a risk management framework or strategic tools in place, organizations will struggle to maintain their desired risk profile and struggle to identify weaknesses in their control environment even as they devote more resources to cybersecurity and compliance. By aligning your security and compliance program to a risk management framework, your organization can ensure that risks to assets are properly identified, assessed, monitored and remediated. You can also improve the utilization of cybersecurity tools and lower the cost of compliance.
Monthly webinars giving an edge to compliance professionals
We seek to empower compliance officers and everyone who participates with compliance efforts. With our content, we aim to help these professionals guide organizations toward correct actions, a more ethical culture, fairness and greater transparency.

Headquartered in Bellevue, WA, Hyperproof serves as a system of record for an organization’s compliance data and gives teams involved the tools they need to collaborate with stakeholders in and outside of their organization. With this innovative approach, we’re able to help organizations meet their highest aspirations and demonstrate their commitment to protecting their customers, shareholders, partners and suppliers along with the greater community.

Check it out for yourself at hyperproof.io.

  • Title: Getting Ready to Meet CMMC Requirements
  • Live at: Dec 10 2020 6:00 pm
  • Presented by: Matthew Monroe, Operations Manager & CISSP | Omnistruct & Joshua Bobbitt, CEO | FortifiedLogic